summaryrefslogtreecommitdiff
path: root/source3/utils
AgeCommit message (Collapse)AuthorFilesLines
2010-05-18s3-secdesc: use SD_REVISION from security.idl.Günther Deschner1-1/+1
Guenther
2010-05-18s3-secdesc: remove "typedef struct security_descriptor SEC_DESC".Günther Deschner6-22/+22
Guenther
2010-05-18s3-secdesc: remove "typedef struct security_acl SEC_ACL".Günther Deschner3-12/+12
Guenther
2010-05-18s3-secdesc: remove "typedef struct security_ace SEC_ACE".Günther Deschner2-26/+28
Guenther
2010-05-18s3: Remove use of iconv_convenience.Jelmer Vernooij4-12/+12
2010-05-18smbconf: only include smbconf headers where needed.Günther Deschner1-0/+3
Guenther
2010-05-18s3-registry: only include registry headers when really needed.Günther Deschner6-2/+6
Guenther
2010-05-18s3-crypto: only include crypto headers when crypto is done.Günther Deschner1-0/+1
Guenther
2010-05-18s3-rpc_misc: clean out include/rpc_misc.h.Günther Deschner2-7/+7
Well known rids don't really belong into an rpc header, just use the ones defined in security.idl. Guenther
2010-05-17s3-libgpo: move group policy protos to where they belong.Günther Deschner1-0/+2
Guenther
2010-05-17added support for a -I flagMatthew McGillis1-2/+148
2010-05-17Consolidate all set SEC_DESC into single procedure set_secdescMatthew McGillis1-25/+32
2010-05-11s3:kerberos Return PAC_LOGON_INFO rather than the full PAC_DATAAndrew Bartlett2-6/+4
All the callers just want the PAC_LOGON_INFO, so search for that in ads_verify_ticket(), and don't bother the callers with the rest of the PAC. This change makes sense on it's own (removing boilerplate wrappers that just confuse the code), but it also makes it much easier to implement a matching ads_verify_ticket() function in Samba4 for the s3compat proposal. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-10s3-net: Fix Bug #7417. 'net rpc user password' can set the wrong password.Günther Deschner1-1/+4
Guenther
2010-05-06s3-eventlog: move all eventlog headers to lib/eventlog and only include ↵Günther Deschner2-0/+2
where required. Guenther
2010-05-06s3: only include gen_ndr headers where needed.Günther Deschner8-0/+9
This shrinks include/includes.h.gch by the size of 7 MB and reduces build time as follows: ccache build w/o patch real 4m21.529s ccache build with patch real 3m6.402s pch build w/o patch real 4m26.318s pch build with patch real 3m6.932s Guenther
2010-05-05s3: Fix bug 5972 -- remove -L testparm parameterVolker Lendecke1-6/+0
Thanks to TAKAHASHI Motonobu <monyo@samba.gr.jp> to point out that this does not work and to agree it's not worth fixing :-)
2010-05-05s3-net: fix crash in rap_share_add().Günther Deschner1-1/+1
Guenther
2010-05-03Consolidate all get SEC_DESC into single procedure get_secdescMatthew McGillis1-44/+37
2010-05-03always pass filename as const charMatthew McGillis1-2/+2
2010-04-27Fix more S3 build breakage. Matthias, please ensure S3 builds whenJeremy Allison1-2/+2
changing common code. Jeremy.
2010-04-27s3: use shared registry functions.Günther Deschner3-3/+3
Guenther
2010-04-26s3: fix some build warnings.Günther Deschner1-3/+3
Guenther
2010-04-26s3: use generated rap header.Günther Deschner1-3/+4
Guenther
2010-04-26s3: Implement "net rpc user setprimarygroup"Volker Lendecke1-0/+59
2010-04-20Fix i18n of net conf import error message.Jim McDonough1-3/+4
Thanks gd
2010-04-20Display an error on net conf import failures.Jim McDonough1-0/+3
When something goes wrong, such as a typo in a parameter name, we'll now display the failure instead of just returning with -1 and no message.
2010-04-09s3: add iconv_convenience handle to pull/push sz helpers.Günther Deschner2-8/+8
Guenther
2010-03-28s3: Slightly simplify unmap_unix_groupVolker Lendecke1-4/+1
2010-03-26Fix bug #7240 - Net usershare is not case sensitive.Jeremy Allison1-4/+19
Updates usershare files in a backwards compatible way. I don't intend to back port this fix to 3.5.x as it depends on a version upgrade in the share_info.tdb share security database. Jeremy.
2010-03-26s3 ntlm_auth: Don't malloc data that will be talloc_free()dKai Blin1-12/+12
This fixes bug #7290 Thanks to Mohan <mohann@silver-peak.com> for the bug report.
2010-03-24s3:ntlmssp: use client.netbios_name instead of workstationStefan Metzmacher1-3/+4
metze Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24s3:ntlmssp: rename void *auth_context; into void *callback_private;Stefan Metzmacher1-6/+6
metze Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24s3:ntlmssp: remove unused get_global_myname() and get_domain() from ↵Stefan Metzmacher1-4/+0
ntlmssp_state Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24s3:ntlmssp: pass names and use_ntlmv2 to ntlmssp_client_start() and store themStefan Metzmacher1-1/+5
Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24s3:ntlmssp: pass names to ntlmssp_server_start() and store them in ntlmssp_stateStefan Metzmacher1-1/+27
Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24s3-testparm: Throw warning when 'workgroup' and 'netbios name' are identical.Karolin Seeger1-0/+6
Address bug #7285 (NetBIOS Namespace Clash Handling). Karolin
2010-03-16s3: fix buildwarning in smbta-util.Günther Deschner1-3/+5
Guenther
2010-03-16Fix developer build, remove mallocAndreas Schneider1-11/+7
2010-03-16Don't exit(0) on errorJim McDonough1-3/+3
2010-03-16Add smbta-util to manage the encryption key.Holger Hetterich1-0/+211
This program allows the administrator to enable or disable AES encryption when using vfs_smb_traffic_analyzer. It also generates new keys, stores them to a file, so that the file can be reused on another client or server.
2010-03-16s3:smbcacls: also honour the "--sddl" flag when setting ACLs.Michael Adam1-2/+6
Michael
2010-03-12s3: Add "net registry increment"Volker Lendecke1-0/+105
A convenience function to increment a DWORD value under a (cluster-wide) lock
2010-03-12s3: Add "g_lock_do" as a convenience wrapper functionVolker Lendecke1-27/+22
2010-03-12s3: Actually use mem_ctx in net_g_lock_init()Volker Lendecke1-3/+3
2010-03-12s3: Fix some "net registry" usage messagesVolker Lendecke1-3/+3
2010-03-10s3: Fix a long-standing problem with recycled PIDsVolker Lendecke3-0/+164
When a samba server process dies hard, it has no chance to clean up its entries in locking.tdb, brlock.tdb, connections.tdb and sessionid.tdb. For locking.tdb and brlock.tdb Samba is robust by checking every time we read an entry from the database if the corresponding process still exists. If it does not exist anymore, the entry is deleted. This is not 100% failsafe though: On systems with a limited PID space there is a non-zero chance that between the smbd's death and the fresh access, the PID is recycled by another long-running process. This renders all files that had been locked by the killed smbd potentially unusable until the new process also dies. This patch is supposed to fix the problem the following way: Every process ID in every database is augmented by a random 64-bit number that is stored in a serverid.tdb. Whenever we need to check if a process still exists we know its PID and the 64-bit number. We look up the PID in serverid.tdb and compare the 64-bit number. If it's the same, the process still is a valid smbd holding the lock. If it is different, a new smbd has taken over. I believe this is safe against an smbd that has died hard and the PID has been taken over by a non-samba process. This process would not have registered itself with a fresh 64-bit number in serverid.tdb, so the old one still exists in serverid.tdb. We protect against this case by the parent smbd taking care of deregistering PIDs from serverid.tdb and the fact that serverid.tdb is CLEAR_IF_FIRST. CLEAR_IF_FIRST does not work in a cluster, so the automatic cleanup does not work when all smbds are restarted. For this, "net serverid wipe" has to be run before smbd starts up. As a convenience, "net serverid wipedbs" also cleans up sessionid.tdb and connections.tdb. While there, this also cleans up overloading connections.tdb with all the process entries just for messaging_send_all(). Volker
2010-03-06s3: Fix the build of net_afs.c with --fake-kaserver=yes, bug 7216Volker Lendecke1-1/+1
Thanks to Geza Gemes <geza@kzsdabas.hu> for filing this bug
2010-03-05s3: Make "smbcontrol xx debuglevel" print the correct cluster pidVolker Lendecke1-2/+6
2010-03-05s3-net: fix net after spoolss_EnumPrinterDataEx IDL change.Günther Deschner1-9/+2
Guenther